TargetX Permission Scanner Overview
The TargetX Permission Scanner is an Administrative tool that validates the required permissions of TargetX products and features for a particular user. This is a separate package that any Administrator can deploy.
Using the TargetX Permission Scanner
The Permission Scanner allows you to validate permissions for a specific User. You MUST be logged in AS THE USER you are validating:
- Navigate to Setup and search for Users.
- Click the Login link next to the username.
Note: The Login link is available only in organizations where Administrators can log in as any user, configured in the Control Login Access setting.
- To return to your administrator account, click User’s Name | Logout.
Once you've logged in as the user you want to validate:
- Navigate to the Permission Scanner tab. The Product/Feature picklist will display a listing of TargetX products.
- Select the Product and the Version for which you want to validate permissions.
- Click Validate Permissions for <User Name>. The validation process will compare the minimum required permissions against what the user has been assigned and display a list of anything missing. Optionally, you can check Return Verbose Results to display Errors and Warnings with additional information about the problem.
Sample Error: 'ERROR: User does not have READ access to hasoptedoutofemail on Contact'
Same Warning: 'WARNING: User does not have READ access to primary_academic_program__c on Contact. The user might also need READ access to Account'.
Note: Some products will require you to run the scan on several products, such as the Online Application (Student Community User). Refresh the page before selecting a different Product/Feature.
All permissions which are NOT set correctly in an org will be displayed for each of the following:
- Objects/Fields
- Visualforce pages
- Apex classes
Note: This tool will only validate the missing MINIMUM required permissions.
You can generate TargetX Permission Sets based on the configurations available in Permission Scanner. Permission Scanner 'Admin Controls' will display if your user has been assigned the TX Permission Scanner Admin permission set. Run Batch Assignment will assign all active users the TX Permission Scanner Basic permission set.
Limitations of the TargetX Permission Scanner
- The Permission Scanner cannot validate record-level access. Scanning is on objects, fields, VisualForce pages, and APEX classes, but not actual records.
- Customer-implemented customizations cannot be validated and may generate errors. For instance, if all fields on an object are required for read or edit by default, and you intentionally add a custom field without read or edit access, the Permission Scanner will generate an error. It may be fine to ignore this error, depending on your customization. If you need assistance with errors like this, contact support.
- Since field sets are designed to be configurable product elements, we cannot anticipate what is added on a per-customer basis. Therefore, fields a customer adds to a field set must be checked independently of the baseline permissions.
- The scanner will not make any changes to permissions settings. It simply generates a report to help identify necessary updates.